Exexute root commands by PHP but avoiding vulnerabilities

I have a project and for this project, my PHP page located on a server should accept some parameter by my clients. The “problem” is that I need to run some commands that needs root privileges, basing them on external input.
For example:

$p = $_GET['param'];
shell_exec("iptables " . $p);

Now assuming that I will escape special characters to avoid vulnerabilities, just escaping "| & ; "etc… In my opinion, by proceeding with this method is not secure because a complex malicious expression built by an attacker could hack it anyway. Of course, the page will not execute these commands as root for really, but thanks to this method I will be able to assign root privileges only for few commands on another user. These commands will be executed with that privileges by shell_exec call by the PHP page.
My question is the following: there are any more secure options to reach my goal?

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.